See also

This document will discuss how you can create modules for the Apache
HTTP Server 2.4, by exploring an example module called
mod_example. In the first part of this document, the purpose
of this module will be to calculate and print out various digest values for
existing files on your web server, whenever we access the URL
http://hostname/filename.sum. For instance, if we want to know the
MD5 digest value of the file located at
http://www.example.com/index.html, we would visit
http://www.example.com/index.html.sum.

In the second part of this document, which deals with configuration
directive and context awareness, we will be looking at a module that simply
writes out its own configuration to the client.

First and foremost, you are expected to have a basic knowledge of how the C
programming language works. In most cases, we will try to be as pedagogical
as possible and link to documents describing the functions used in the
examples, but there are also many cases where it is necessary to either
just assume that "it works" or do some digging yourself into what the hows
and whys of various function calls.

Lastly, you will need to have a basic understanding of how modules are
loaded and configured in the Apache HTTP Server, as well as how to get the headers for
Apache if you do not have them already, as these are needed for compiling
new modules.

This bit of code lets the server know that we have now registered a new module
in the system, and that its name is example_module. The name
of the module is used primarily for two things:

Letting the server know how to load the module using the LoadModule

Setting up a namespace for the module to use in configurations

For now, we're only concerned with the first purpose of the module name,
which comes into play when we need to load the module:

LoadModule example_module modules/mod_example.so

In essence, this tells the server to open up mod_example.so and look for a module
called example_module.

Within this name tag of ours is also a bunch of references to how we would
like to handle things: Which directives do we respond to in a configuration
file or .htaccess, how do we operate within specific contexts, and what
handlers are we interested in registering with the Apache HTTP service. We'll
return to all these elements later in this document.

When handling requests in Apache HTTP Server 2.4, the first thing you will need to do is
create a hook into the request handling process. A hook is essentially a
message telling the server that you are willing to either serve or at least
take a glance at certain requests given by clients. All handlers, whether
it's mod_rewrite, mod_authn_*, mod_proxy and so on, are hooked into
specific parts of the request process. As you are probably aware, modules
serve different purposes; Some are authentication/authorization handlers,
others are file or script handlers while some third modules rewrite URIs or
proxies content. Furthermore, in the end, it is up to the user of the server
how and when each module will come into place. Thus, the server itself does not
presume to know which module is responsible for handling a specific
request, and will ask each module whether they have an interest in a given
request or not. It is then up to each module to either gently decline
serving a request, accept serving it or flat out deny the request from
being served, as authentication/authorization modules do:
To make it a bit easier for handlers such as our mod_example to know
whether the client is requesting content we should handle or not, the server
has directives for hinting to modules whether their assistance is needed or
not. Two of these are AddHandler
and SetHandler. Let's take a look at
an example using AddHandler. In
our example case, we want every request ending with .sum to be served by
mod_example, so we'll add a configuration directive that tells
the server to do just that:

AddHandler example-handler .sum

What this tells the server is the following: Whenever we receive a request
for a URI ending in .sum, we are to let all modules know that we are
looking for whoever goes by the name of "example-handler" .
Thus, when a request is being served that ends in .sum, the server will let all
modules know, that this request should be served by "example-handler
". As you will see later, when we start building mod_example, we will
check for this handler tag relayed by AddHandler and reply to
the server based on the value of this tag.

To begin with, we only want to create a simple handler, that replies to the
client browser when a specific URL is requested, so we won't bother setting
up configuration handlers and directives just yet. Our initial module
definition will look like this:

This lets the server know that we are not interested in anything fancy, we
just want to hook onto the requests and possibly handle some of them.

The reference in our example declaration, register_hooks
is the name of a function we will create to manage how we hook onto the
request process. In this example module, the function has just one purpose;
To create a simple hook that gets called after all the rewrites, access
control etc has been handled. Thus, we will let the server know, that we want
to hook into its process as one of the last modules:

static void register_hooks(apr_pool_t *pool)
{
/* Create a hook in the request handler, so we get called when a request arrives */
ap_hook_handler(example_handler, NULL, NULL, APR_HOOK_LAST);
}

The example_handler reference is the function that will handle
the request. We will discuss how to create a handler in the next chapter.

A handler is essentially a function that receives a callback when a request
to the server is made. It is passed a record of the current request (how it was
made, which headers and requests were passed along, who's giving the
request and so on), and is put in charge of either telling the server that it's
not interested in the request or handle the request with the tools provided.

Let's start off by making a very simple request handler
that does the following:

Check that this is a request that should be served by "example-handler"

Set the content type of our output to text/html

Write "Hello, world!" back to the client browser

Let the server know that we took care of this request and everything went fine

In C code, our example handler will now look like this:

static int example_handler(request_rec *r)
{
/* First off, we need to check if this is a call for the "example-handler" handler.
* If it is, we accept it and do our things, if not, we simply return DECLINED,
* and the server will try somewhere else.
*/
if (!r->handler || strcmp(r->handler, "example-handler")) return (DECLINED);
/* Now that we are handling this request, we'll write out "Hello, world!" to the client.
* To do so, we must first set the appropriate content type, followed by our output.
*/
ap_set_content_type(r, "text/html");
ap_rprintf(r, "Hello, world!");
/* Lastly, we must tell the server that we took care of this request and everything went fine.
* We do so by simply returning the value OK to the server.
*/
return OK;
}

The most essential part of any request is the request record
. In a call to a handler function, this is represented by the
request_rec* structure passed along with every call that is made.
This struct, typically just referred to as r in modules,
contains all the information you need for your module to fully process any
HTTP request and respond accordingly.

Some key elements of the
request_rec structure are:

r->handler (char*): Contains the name of the handler the server is currently asking to do the handling of this request

r->method (char*): Contains the HTTP method being used, f.x. GET or POST

r->filename (char*): Contains the translated filename the client is requesting

r->args (char*): Contains the query string of the request, if any

r->headers_in (apr_table_t*): Contains all the headers sent by the client

r->connection (conn_rec*): A record containing information about the current connection

r->user (char*): If the URI requires authentication, this is set to the username provided

r->useragent_ip (char*): The IP address of the client connecting to us

r->pool (apr_pool_t*): The memory pool of this request. We'll discuss this in the
"Memory management" chapter.

Apache relies on return values from handlers to signify whether a request
was handled or not, and if so, whether the request went well or not. If a
module is not interested in handling a specific request, it should always
return the value DECLINED. If it is handling a request, it
should either return the generic value OK, or a specific HTTP
status code, for example:

Returning OK or a HTTP status code does not necessarily mean
that the request will end. The server may still have other handlers that are
interested in this request, for instance the logging modules which, upon a
successful request, will write down a summary of what was requested and how
it went. To do a full stop and prevent any further processing after your
module is done, you can return the value DONE to let the server
know that it should cease all activity on this request and carry on with
the next, without informing other handlers.
General response codes:

DECLINED: We are not handling this request

OK: We handled this request and it went well

DONE: We handled this request and the server should just close this thread without further processing

Managing your resources in Apache HTTP Server 2.4 is quite easy, thanks to the memory pool
system. In essence, each server, connection and request have their own
memory pool that gets cleaned up when its scope ends, e.g. when a request
is done or when a server process shuts down. All your module needs to do is
latch onto this memory pool, and you won't have to worry about having to
clean up after yourself - pretty neat, huh?

In our module, we will primarily be allocating memory for each request, so
it's appropriate to use the r->pool
reference when creating new objects. A few of the functions for allocating
memory within a pool are:

void* apr_palloc(
apr_pool_t *p, apr_size_t size): Allocates size number of bytes in the pool for you

void* apr_pcalloc(
apr_pool_t *p, apr_size_t size): Allocates size number of bytes in the pool for you and sets all bytes to 0

char* apr_pstrdup(
apr_pool_t *p, const char *s): Creates a duplicate of the string s. This is useful for copying constant values so you can edit them

This is all well and good for our module, which won't need any
pre-initialized variables or structures. However, if we wanted to
initialize something early on, before the requests come rolling in, we
could simply add a call to a function in our register_hooks
function to sort it out:

static void register_hooks(apr_pool_t *pool)
{
/* Call a function that initializes some stuff */
example_init_function(pool);
/* Create a hook in the request handler, so we get called when a request arrives */
ap_hook_handler(example_handler, NULL, NULL, APR_HOOK_LAST);
}

In this pre-request initialization function we would not be using the
same pool as we did when allocating resources for request-based functions.
Instead, we would use the pool given to us by the server for allocating memory
on a per-process based level.

In our example module, we would like to add a feature, that checks which
type of digest, MD5 or SHA1 the client would like to see. This could be
solved by adding a query string to the request. A query string is typically
comprised of several keys and values put together in a string, for instance
valueA=yes&valueB=no&valueC=maybe. It is up to the
module itself to parse these and get the data it requires. In our example,
we'll be looking for a key called digest, and if set to
md5, we'll produce an MD5 digest, otherwise we'll produce a SHA1
digest.

Since the introduction of Apache HTTP Server 2.4, parsing request data from GET and
POST requests have never been easier. All we require to parse both GET and
POST data is four simple lines:

In our specific example module, we're looking for the digest
value from the query string, which now resides inside a table called
GET. To extract this value, we need only perform a simple operation:

/* Get the "digest" key from the query string, if any. */
const char *digestType = apr_table_get(GET, "digest");
/* If no key was returned, we will set a default value instead. */
if (!digestType) digestType = "sha1";

The structures used for the POST and GET data are not exactly the same, so
if we were to fetch a value from POST data instead of the query string, we
would have to resort to a few more lines, as outlined in this example in the last chapter of this document.

In this next segment of this document, we will turn our eyes away from the
digest module and create a new example module, whose only function is to
write out its own configuration. The purpose of this is to examine how
the server works with configuration, and what happens when you start writing
advanced configurations
for your modules.

If you are reading this, then you probably already know
what a configuration directive is. Simply put, a directive is a way of
telling an individual module (or a set of modules) how to behave, such as
these directives control how mod_rewrite works:

Now, let's put this into perspective by creating a very small module that
just prints out a hard-coded configuration. You'll notice that we use the
register_hooks function for initializing the configuration
values to their defaults:

What if we want to change our configuration, not by hard-coding new values
into the module, but by using either the apache2.conf file or possibly a
.htaccess file? It's time to let the server know that we want this to be
possible. To do so, we must first change our name tag to include a
reference to the configuration directives we want to register with the server:

This will tell the server that we are now accepting directives from the
configuration files, and that the structure called example_directives
holds information on what our directives are and how they work.
Since we have three different variables in our module configuration, we
will add a structure with three directives and a NULL at the end:

AP_INIT_TAKE1: This is a macro that tells the server that this directive takes one and only one argument.
If we required two arguments, we could use the macro AP_INIT_TAKE2 and so on (refer to httpd_conf.h
for more macros).

exampleEnabled: This is the name of our directive. More precisely, it is what the user must put in his/her
configuration in order to invoke a configuration change in our module.

example_set_enabled: This is a reference to a C function that parses the directive and sets the configuration
accordingly. We will discuss how to make this in the following paragraph.

RSRC_CONF: This tells the server where the directive is permitted. We'll go into details on this value in the
later chapters, but for now, RSRC_CONF means that the server will only accept these directives in a server context.

"Enable or disable....": This is simply a brief description of what the directive does.

(The "missing" parameter in our definition, which is usually set to
NULL, is an optional function that can be run after the
initial function to parse the arguments have been run. This is usually
omitted, as the function for verifying arguments might as well be used to
set them.)

Now that we have told the server to expect some directives for our module, it's
time to make a few functions for handling these. What the server reads in the
configuration file(s) is text, and so naturally, what it passes along to
our directive handler is one or more strings, that we ourselves need to
recognize and act upon. You'll notice, that since we set our
exampleAction directive to accept two arguments, its C function also
has an additional parameter defined:

In Apache HTTP Server 2.4, different URLs, virtual hosts, directories etc can have very
different meanings to the user of the server, and thus different contexts
within which modules must operate. For example, let's assume you have this
configuration set up for mod_rewrite:

In this example, you will have set up two different contexts for
mod_rewrite:

Inside /var/www, all requests for http://example.com must go to http://www.example.com

Inside /var/www/sub, all requests for foobar must go to index.php?foobar=true

If mod_rewrite (or the entire server for that matter) wasn't context aware, then
these rewrite rules would just apply to every and any request made,
regardless of where and how they were made, but since the module can pull
the context specific configuration straight from the server, it does not need
to know itself, which of the directives are valid in this context, since
the server takes care of this.

So how does a module get the specific configuration for the server,
directory or location in question? It does so by making one simple call:

That's it! Of course, a whole lot goes on behind the scenes, which we will
discuss in this chapter, starting with how the server came to know what our
configuration looks like, and how it came to be set up as it is in the
specific context.

In this chapter, we will be working with a slightly modified version of
our previous context structure. We will set a context
variable that we can use to track which context configuration is being
used by the server in various places:

The RSRC_CONF definition told the server that we would only allow
this directive in a global server context, but since we are now trying out
a context aware version of our module, we should set this to something
more lenient, namely the value ACCESS_CONF, which lets us use
the directive inside <Directory> and <Location> blocks. For more
control over the placement of your directives, you can combine the following
restrictions together to form a specific rule:

A much smarter way to manage your configurations is by letting the server
help you create them. To do so, we must first start off by changing our
name tag to let the server know, that it should assist us in creating
and managing our configurations. Since we have chosen the per-directory
(or per-location) context for our module configurations, we'll add a
per-directory creator and merger function reference in our tag:

Now that we have told the server to help us create and manage configurations,
our first step is to make a function for creating new, blank
configurations. We do so by creating the function we just referenced in
our name tag as the Per-directory configuration handler:

Our next step in creating a context aware configuration is merging
configurations. This part of the process particularly applies to scenarios
where you have a parent configuration and a child, such as the following:

In this example, it is natural to assume that the directory
/var/www/subdir should inherit the values set for the /var/www
directory, as we did not specify an ExampleEnabled nor
an ExamplePath for this directory. The server does not presume to
know if this is true, but cleverly does the following:

Creates a new configuration for /var/www

Sets the configuration values according to the directives given for /var/www

Creates a new configuration for /var/www/subdir

Sets the configuration values according to the directives given for /var/www/subdir

Proposes a merge of the two configurations into a new configuration for /var/www/subdir

This proposal is handled by the merge_dir_conf function we
referenced in our name tag. The purpose of this function is to assess the
two configurations and decide how they are to be merged:

We have now looked at how to create simple modules for Apache HTTP Server 2.4 and
configuring them. What you do next is entirely up to you, but it is my
hope that something valuable has come out of reading this documentation.
If you have questions on how to further develop modules, you are welcome
to join our mailing lists
or check out the rest of our documentation for further tips.

Notice:This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our mailing lists.